Fallos del tipo CWE-862
6845 resultadosCVE-2023-37890MEDIUMWordPress KB Support Plugin <= 1.5.88 is vulnerable to Broken Access ControlEPSS 0.4%CVE-2024-10579MEDIUMHustle – Email Marketing, Lead Generation, Optins, Popups <= 7.8.5 - Missing Authorization to Unpublished Form ExposureEPSS 0.4%CVE-2024-30465MEDIUMWordPress PageLayer plugin <= 1.8.1 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-43254MEDIUMWordPress Smart Online Order for Clover plugin <= 1.5.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-56008HIGHWordPress Spreadr Woocommerce plugin <= 1.0.4 - Arbitrary Content Deletion vulnerabilityEPSS 0.4%CVE-2026-30233MEDIUMOliveTin: View permission not being checked when returning dashboardsEPSS 0.4%CVE-2024-33543HIGHWordPress WP Time Slots Booking Form plugin <= 1.2.06 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-43355MEDIUMWordPress JoomSport plugin <= 5.3.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-11271HIGHWordPress Webinar Plugin – WebinarPress <= 1.33.24 - Missing Authorization to Authenticated (Subscriber+) Webinar UpdatesEPSS 0.4%CVE-2024-12876CRITICALGolo - Directory & Listing, Travel WordPress Theme <= 1.6.10 - Missing Authorization to Privilege Escalation via Unauthenticated Arbitrary User Password ChangeEPSS 0.4%CVE-2024-33555HIGHWordPress XStore Core plugin <= 5.3.8 - Multiple Authenticated Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-30488MEDIUMWordPress Featured Post Creative plugin <= 1.2.7 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-27270CRITICALWordPress Residential Address Detection Plugin <= 2.5.4 - Arbitrary Option Update to Privilege Escalation vulnerabilityEPSS 0.4%CVE-2024-56211HIGHWordPress UserPro plugin <= 5.1.9 - Authenticated Arbitrary User Meta Update vulnerabilityEPSS 0.4%CVE-2023-5061MEDIUMMissing Authorization in GitLabEPSS 0.4%CVE-2025-31834MEDIUMWordPress JobBoard Job listing plugin Plugin <= 1.2.8 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2023-28536MEDIUMWordPress Branded Social Images plugin <= 1.1.0 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-11581MEDIUMPowerJob OpenAPIController runJob authorizationEPSS 0.4%CVE-2024-56061HIGHWordPress RepairBuddy plugin <= 3.8119 - Account Takeover vulnerabilityEPSS 0.4%CVE-2025-31786MEDIUMWordPress Simple Icons plugin <= 2.8.4 - Broken Access Control vulnerabilityEPSS 0.4%